Hims data breach class action lawsuits overview:
- Who: Two consumers filed separate class action lawsuits against Hims Inc. and Hims & Hers Inc.
- Why: Plaintiffs claim the companies failed to properly safeguard sensitive personal and medical information, leading to data breaches.
- Where: The class action lawsuits were filed in California federal court.
Two class action lawsuits accuse Hims and Hims & Hers of failing to adequately protect sensitive patient information, resulting in data breaches that exposed consumers to identity theft and fraud risks.
In one complaint, plaintiff Brandon Hoagland-Sweeney alleges Hims failed to properly secure consumers’ personally identifiable information, including dates of birth and medical information, which was accessed by unauthorized third parties in a cyberattack discovered in February 2026.
The class action lawsuit claims the company delayed notifying affected individuals until April 2026, leaving them unaware of the breach and unable to take steps to protect themselves.
Hoagland-Sweeney argues Hims failed to implement reasonable data security measures, including encryption and monitoring systems, allowing cybercriminals to infiltrate its network and access sensitive data.
The plaintiff seeks to represent a nationwide class of individuals whose personal information was compromised and is requesting damages, injunctive relief and improved data security practices.
Hims & Hers lawsuit raises similar data security concerns
A separate class action lawsuit filed by plaintiff Julie Dolphin alleges Hims & Hers failed to safeguard customer information during a cybersecurity incident that occurred in early February 2026.
According to the complaint, unauthorized third parties accessed customer support tickets containing sensitive data, including names, contact details, dates of birth and medical information.
The class action lawsuit claims the company identified the breach in early February but did not notify affected individuals until April 2026.
Dolphin argues the company failed to implement adequate security measures and did not timely disclose the breach, increasing the risk of identity theft and fraud for affected consumers.
The complaint alleges class members have suffered injuries, including loss of privacy, increased risk of identity theft, time spent monitoring accounts and potential financial losses.
The plaintiffs in both lawsuits argue the companies’ alleged failures constitute negligence and violations of consumer protection laws and are seeking damages, restitution and injunctive relief requiring improved data security practices.
Meanwhile, Hims & Hers is currently facing another lawsuit claiming the company falsely advertised its compounded GLP-1 semaglutide products as being the same as the weight loss and diabetes drugs Ozempic and Wegovy.
What do you think about these data breach allegations against Hims and Hims & Hers? Let us know in the comments.
Hoagland-Sweeney is represented by Scott Edward Cole and Laura Van Note of Cole & Van Note. Dolphin is represented by Daniel Srourian of Srourian Law Firm P.C. and Mark Reich, Melissa Meyer and Tyler Litke of Levi & Korsinsky LLP.
The Hims class action lawsuit is Hoagland-Sweeney v. Hims Inc., Case No. 3:26-cv-03157, and the Hims & Hers class action lawsuit is Dolphin v. Hims & Hers Inc., Case No. 3:26-cv-03077, both filed in the U.S. District Court for the Northern District of California.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
One thought on Hims, Hims & Hers class actions allege data breach exposed sensitive patient information
Add me